[Cryptography] nytimes.com switches to https

Ray Dillinger bear at sonic.net
Thu Jan 12 16:21:37 EST 2017



On 01/11/2017 06:16 PM, Christian Huitema wrote:

> It will probably require padding of the "page sizes" to a small set of
> standard sizes, maybe powers of two or fractional powers of two, thus
> defeating the coarse grain features outlined in the Peek-a-Boo paper. That's
> substantial padding, up to 100% for the power of 2, a fraction of that for
> the fractional power. Will the web site publishers pay for that? Probably
> not all of them.  But some might.
> 

A standard I've seen applied elsewhere is "a power of two, optionally
multiplied by three."  It gives the usual sequence of "Computer Science
round numbers"  ie, 1,2,3,4,6,8,12,16,24,32,48,64.....

Maximum overhead is 50%.  I think that's in the "reasonable" range for
most purposes.

But size-padding schemes aren't enough to narrow down the identity
of the article accessed, unless the request/response is condensed into
a single entity with all text and graphics embedded in one response.
There's an obvious difference, to a traffic analyst, between a page that
triggers further requests for 20 different images and a page that
triggers further requests for 21 different images.  If you add in
image sizes, whether padded to a "round number" or not, the whole thing
is quite transparent.

So what you need is a server-side plugin that packages all the stuff
that's supposed to be on a page into a single http response, and a
browser plugin that unpacks these mini-archives and displays them
correctly. I think this is standard methodology for IPN protocol,
because it minimizes roundtrips and IPN is all about minimizing
roundtrips.  But there are no web browsers and damned few servers
that speak IPN, and so far it hasn't been applied to IP networks.


				Bear

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170112/61f1c4a4/attachment.sig>


More information about the cryptography mailing list